On June 24-25, the 32 member states of the North Atlantic Treaty Organization (NATO) gathered in The Hague, Netherlands, to discuss the most pressing geopolitical threats facing the alliance. During this latest summit, the world’s most prominent security organization agreed to a non-binding spending agreement that will ramp up defense spending, with each member state aiming for 3.5 percent of GDP by 2035. On top of this, NATO members will allocate 1.5 percent of GDP to upgrading “infrastructure – roads, bridges, ports, airfields – needed to deploy armies to the front.”
This non-binding agreement, coupled with Washington’s reaffirmation of its commitment to NATO’s collective defense clause, Article 5, led NATO Secretary General Mark Rutte to express positivity about the summit during his closing remarks. Despite this, the summit’s focus on appeasing U.S. President Donald Trump came at the expense of collective action against NATO’s most pressing security concerns. On the list of issues that were not discussed in any significant detail at the NATO summit, the most notable entry is the growing threat posed by North Korea vis-à-vis the Ukraine conflict.
Russia’s invasion of Ukraine in 2022 initiated Europe’s biggest land conflict since World War II, and Pyongyang’s military and logistical support of Moscow’s war effort in Ukraine has brought the conflict to a global scale. However, North Korea was scarcely mentioned by attending world leaders or the event’s experts, despite its presence on the agenda at the previous summit. Those watching this year’s summit would, therefore, be excused for thinking that the threat posed by Pyongyang in Ukraine had retreated. However, the reality is far from this: North Korea is expected to send more troops to Russia in July or August to aid its efforts against Ukraine, according to South Korea’s National Intelligence Service.
The deployment of North Korean troops to Russia was first reported in late 2024, with an estimated 10,000-14,000 soldiers believed to have been sent to Russia’s Kursk region to help deter Ukrainian incursions. Over 6,000 North Korean soldiers have died or been injured since the deployment began. Beyond sending soldiers, Pyongyang’s supply of defense equipment to Moscow has had a significant impact on the conflict. For example, a 2025 investigation by Reuters found that Pyongyang was providing Russia with more than half of all artillery shells used in Ukraine.
Moreover, North Korea is believed to be supplying Russia with “significant quantities of ballistic missiles” according to a Multilateral Sanctions Team’s May 2025 report. This aid, coupled with North Korean troops’ pivotal role in pushing back Ukrainian operations in Russia’s Kursk Oblast, has allowed Moscow to counter any momentum that Ukrainian forces were building against Russia in 2023-2024.
In the lead up to the latest summit, some NATO countries likely perceived the Russia-Ukraine war of attrition as a “constant variable” that can be deprioritized. Instead, Trump’s allusions to a potential withdrawal from the alliance in the weeks leading up to the summit took the main focus. However, deprioritizing the conflict underestimates the multidimensional threats that North Korea poses to NATO vis-à-vis its presence in Russia and Ukraine.
Chief among these is the underdiscussed threat posed by North Korean IT workers. These operatives have infiltrated North American and European organizations critical to NATO’s security supply chain and support to Ukraine. An April 2025 report from Google’s Threat Intelligence Group (TAG) highlighted the pervasive nature of this threat. TAG disclosed that North Korean operatives were discovered digitally “gaining and maintaining employment” as IT professionals in Europe and the United States across a variety of industries, including aerospace and defense.
The few comments made at the NATO summit about North Korea’s cyber activity focused on the regime’s overt focus on gathering cryptocurrency to fund its ballistic missile and nuclear weapons programs. This narrow perspective of North Korea’s cyber capabilities and activities leaves NATO vulnerable to more serious and pervasive threats in light of NATO members’ ongoing defense build-up efforts. The most prominent of these would be North Korea’s intelligence gathering activities, either via cyber means or its IT workers embedded in NATO countries’ defense-related organizations.
Indeed, NATO’s European member states’ plans to rearm must be garnering great interest from the North Korean and Russian intelligence agencies. These initiatives are likely raising questions among these agencies about how they will impact Russia’s military operations in Ukraine and/or NATO Europe’s security posture toward the two nation-states. As such, North Korean IT workers embedded within critical supply chains present a significant security risk to NATO’s rearmament efforts.
IT workers, depending on their seniority, typically have access to information across entire organizations, given their role in managing the confidentiality, integrity, and availability (CIA) of information within an IT infrastructure. As such, these North Korean workers could use their unfettered access to the IT infrastructure of organizations critical to NATO’s supply chains – such as those in defense, technology, or critical raw materials. This access would be used to gather timely and actionable intelligence on matters such as the state of NATO’s defense rearmament efforts or its current operations against Russo-North Korean military activities in Ukraine.
Similarly, they could use this access to recruit malicious insiders – either through bribery or threats – to try and sabotage the operations of organizations along NATO’s defense supply chain – by deleting or leaking sensitive data, uploading malware onto devices, or impairing equipment meant for Kyiv. This would be in service of Pyongyang and its allies’ geopolitical objectives of weakening Western alliances.
Another notable threat is the high likelihood and high impact scenario of the access gained by malicious insiders or North Korean IT workers being used for intelligence gathering purposes that is then passed on to their Russian counterparts. Such a scenario would be especially problematic if it took place at companies that provide logistical support to Kyiv, such as European defense firms providing weaponry, or third-party suppliers of interoperability-related technology. Such information, especially delivery data like shipment times, could be used by Russian or North Korean forces to launch targeted artillery or missile strikes at critical weaponry shipments and/or destroy Ukrainian supply chains. This would likely deal a crucial blow to Kyiv’s defensive posture toward Russia and allow for a less inhibited Russian offensive in the Donbas region and beyond.
NATO’s failure to meaningfully address the threat posed by North Korea during this year’s summit reflects a dangerous blind spot that risks undermining the alliance’s rearmament and collective defense ambitions. As Pyongyang deepens its military and cyber partnership with Moscow, NATO must go beyond viewing North Korea as a regional nuisance and instead recognize it as a transcontinental enabler of conflict and key threat actor in not only the Indo-Pacific theater but the European one as well.
Pyongyang’s military support for Russia and the potential for deepening cyber infiltration efforts should not be viewed as far off possibilities but instead current coordinated challenges to NATO’s cohesion and operational effectiveness. To ensure its future relevance and effectiveness, NATO must integrate strategic intelligence collection on North Korean military, cyber, and industrial activities into its broader security framework. Otherwise, it risks building a defense architecture vulnerable to subversion from within.
Indeed, the alliance’s rearmament effort creates a new front line within supply chains and IT systems that adversaries like North Korea will be readily able to exploit for their, or their partners’, broader geopolitical ambitions. NATO must therefore view Pyongyang’s hybrid warfare activities not as an optional area of research but as a core requirement of any future defense strategies.
A key to ensuring this would be to deepen cross-regional cooperation with allies such as South Korea, which have more expertise with regard to North Korea. However, NATO should move quickly on this front as proactively fostering this cooperation will be particularly important in the coming months following the recent election of South Korean President Lee Jae-myung.
Lee’s absence from the NATO summit indicates he may be adopting a “pragmatic” foreign policy approach that could be placing priority on fostering deeper dialogue with traditional geopolitical rivals such as China, Russia, and North Korea by placing some distance between itself and Western allies in NATO.
Such a decision would likely be counterproductive to NATO’s efforts to rearm, given Seoul’s growing role as an arms exporter to Europe. Moreover, it will also undermine NATO’s narrative that the security threats that impact the Indo-Pacific also affect the Euro-Atlantic, likely lowering the alliance’s success in convincing its Indo-Pacific partners to jointly aid it in dealing with its evolving threat landscape.